Hi, I am also struggling with permission delegation, I would like to allow users to view their connections history, Could anyone please tell me how to do it?
Best Regards, On Sun, Feb 25, 2024, 4:53 PM Michael Jumper <[email protected]> wrote: > On 2/25/24 02:08, Florian wrote: > > Hi together, > > > > In my scenario, I have two other users who want to give external people > > the possibility to test something in our demonstration environment. I > > gave them the permission to add new users and now they are able to > > create users, but they cannot assign connections to them. Even not when > > I permit them to create new connections. I must admit, I don’t really > > understand the permission system of guacamole, es far as I can see you > > can only permit someone to create new things, and manage them, but he > > can’t “edit” any existing. In my case, this makes it difficult, as I > > don’t want the users to have the possibility to create new connections > > or change them, but I want them to be able to “use” them and assign them > > to accounts they created. Is there any way to achieve this? > > > > I use guacamole 1.5.4 in a Docker environment with postgres > authentication. > > > > Only an account with full system administrator permissions can directly > assign permissions related to users/connections that they didn't create > themselves. > > You could give the user(s) in question permission to create user groups. > They would then be able to add/remove people within those groups so long > as they are the ones that created those users. You would then use your > own system administrator account to assign connections to the relevant > groups. This way, only you would be able to control which specific > connections apply, yet the users that created the user groups would > still be able to control which of their own users inherit those > permissions. > > - Mike > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
